Get the latest cybersecurity, privacy, and surveillance news for information security professionals

IT Security News Blast – 11-13-2020

DHS panel says 2020 vote was 'most secure in American history'

The statement directly contradicts the most recent in a raft of conspiracy theories put forth by President Donald Trump stating that a voting machine vendor secretly changed votes. This and other claims by Trump have been tagged as "disputed" under a new policy by Twitter to point to potential election misinformation.


Senior DHS cybersecurity official Bryan Ware to step down

A former technology entrepreneur, Ware has helped lead the DHS Cybersecurity and Infrastructure Security Agency’s efforts to protect health care and pharmaceutical industry from criminal and state-sponsored hacking. He has also made a point of getting better data, with the help of software tools, into the hands of CISA analysts for tracking hacking campaigns.


Senior U.S. cybersecurity official tells associates he expects to be fired: sources

Top U.S. cybersecurity official Christopher Krebs has told associates he expects to be fired by the White House, three sources familiar with the matter told Reuters. Krebs, who heads the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), did not return messages seeking comment. CISA and the White House declined comment.


‘Security Threat’ Forces Hendrick Health to EHR Downtime Procedures

While the latest update reported that Ryuk was behind the attack, it was Mount Locker threat actors that leaked data they claim to have stolen from the hospital during the week of November 2. The hospital confirmed early on that they were aware some patient data was stolen prior to the ransomware deployment, but officials said that outside of the initial attack, the hackers have had minimal communication with the hospital.


Bringing greater attention and awareness to cybersecurity practices in the global public health sector

Organizations with non-profit budgets may not have the funding available to create information technology and/or control assessment units to work towards better protection. You need to keep in mind that an NGO and non-profit have a primary goal to exist to service-specific goals; to work towards a mission and focus efforts on obtaining funding and reducing costs.


4 IoT Medical Devices That Are Vulnerable to Hacks

In this article, we will cover the four IoT medical devices that are most susceptible to cybersecurity breaches and how to protect them.

1 – Wireless Infusion Pumps

2 – Implanted Devices

3 – Smartpens

4 – Vital signs monitors


Cyber Risk Institute Updates Cybersecurity Profile

The profile—which ABA helped develop and which is intended to help financial institutions reduce the overall time spent on cyber risk compliance—is currently being implemented by many institutions and is accepted by the regulatory community.


DDoS Attacks vs Financial Industry: SEC Chairman Warning

While DDoS incidents have yet to become “systemic” in the financial industry, “good information sharing across firms and across the government” has helped keep events at bay so far, Clayton said. If hit by a DDoS attack, “[companies] should “reach out…to the SEC, reach out to the banking regulators” for help, he said, urging companies to regularly patch system software to bolster their security profile.


Steelcase Cyber Attack Should Be a Wakeup Call

The question is: Why do these events continue to occur across manufacturing environments? “The single biggest threat to enterprises today is underestimating and failing to address cybersecurity across all of their cyber and physical systems. Ransomware attackers are going after higher value targets and that includes operational networks.


Cyberattacks and the Constitution

This essay argues that as a conceptual and doctrinal matter, cyberattacks alone are rarely exercises of war powers—and they might never be. They are often instead best understood as exercises of other, nonwar military powers, foreign affairs powers, intelligence powers, and foreign commerce powers, among other constitutional powers not yet articulated.


Australian government warns of possible ransomware attacks on health sector

The Australian Cyber Security Center said it "observed increased targeting activity against the Australian Health sector by actors using the SDBBot Remote Access Tool (RAT)." [...] "SDBBot is comprised of 3 components," the ACSC explained. "An installer which establishes persistence, a loader which downloads additional components, and the RAT itself.


US Sanctions Placed on Russian Research Institute; Triton Malware Considered the Most Dangerous Current Threat To Critical Infrastructure

The State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM) has been connected with developing and deploying the Triton malware, first seen in a 2017 attack on a petrochemical facility. The new US sanctions are a result of the 2017 Countering America’s Adversaries Through Sanctions Act, a bill that was in part designed to address Russian cyber attacks.


How China’s Control of Information is a Cyber Weakness

Yet the Chinese government’s efforts to disincentivize encryption—to allow for censorship and surveillance—have created an online environment where even websites that carry sensitive government, health and commercial data remain unencrypted. This leaves them open to exploitation by intelligence agencies and cybercriminals.


Forget Russia—Iranian Hackers Behind Malicious New Cyber Attacks, Warns New Report

According to the research team, the campaign built around this new Pay2Key ransomware “presented an ability to make a rapid move of spreading the ransomware within an hour to the entire network.” Ransom demands were low—less than $150,000, but the fact a new and virulent threat had been launched onto the market needed to be taken seriously.


LifeLabs personal data breach leads to multiple class action suits

Now, BC Supreme Court Justice Nitya Iyer Nov. 6 declined to stop two suits against LifeLabs in B.C. after Ontario Supreme Court awarded responsibility – or carriage - for Ontario suits to one of three competing groups of class action law firms. There are nine proposed actions in B.C. and four in Ontario. One B.C. suit proposes a single national action.


An Engineer Gets 9 Years for Stealing $10M From Microsoft

The software automatically prevented shipment of physical products to testers like Kvashuk. But in a crucial oversight, it didn't block the purchase of virtual gift cards. So the 26-year-old Kvashuk discovered that he could use his test account to buy real store credit and then use the credit to buy real products.


How Hackers Blend Attack Methods to Bypass MFA

For example, the Iranian hacker group Rampant Kitten targeted Iranian dissidents using malware deposited in the victim's Telegram messaging app, whose MFA was bypassed using previously intercepted SMS codes. [...] Hackers reverse-engineered Google's authentication flow and extracted two-factor authentication credentials from mobile apps to mimic and bypass Google Authenticator.


Emotet and TrickBot Top the Malware Charts Yet Again

Both Emotet and TrickBot started life as banking Trojans, but have evolved significantly in recent years and now feature advanced modular functionality to enable everything from crytojacking and ransomware to sophisticated data theft. Increasingly, they’re being used to provide access for attackers and maintain persistence in victim networks as a precursor to additional malware downloads such as ransomware.


DNS cache poisoning poised for a comeback: Sad DNS

With DNS cache poisoning, however, your DNS requests are intercepted and redirected to a poisoned DNS cache. This rogue cache gives your web browser or other internet application a malicious IP address. Instead of going to where you want to go, you're sent to a fake site. That forged website can then upload ransomware to your PC or grab your user name, password, and account numbers. In a word: Ouch!


How the Pentagon is trolling Russian, Chinese hackers with cartoons

Art that the cybersecurity community uses to portray Russian hackers has typically shown burly or ferocious bears, but Cyber Command wanted to avoid giving the Russian hackers an ego boost, the official said. [...] The result was an Oct. 29 report that shows a bear tripping over himself and spilling Halloween candy out of a pumpkin trick-or-treat bucket.

You are receiving this email because you are subscribed to receive the IT Security Daily Blast email from Michael Hamilton, Founder, President, and CISO of CI Security, formerly Critical Informatics.

Archived articles are available at

CI Security and the CI Security logo are the trademarks of CI Security, Inc. All other brand names, trademarks, service marks, and copyrights are the property of their respective owners.

© 2020 CI Security. All rights reserved.


CI Security

245 4th St, Suite 405  Bremerton, WA   98337

About Us   |   CI Security News   |   Contact Us 

Add this Email to Your Address Book